preventivní kontrola děkuji

[Márty84]

Ted zkuste v nouzovem rezimu ten fixlist http://forum.viry.cz/viewtopic.php?f=30 ... 3#p1362442

Kdyz to nepujde, napiste.

[NOSAK]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-11-2014
Ran by Petr at 2014-11-30 20:56:47 Run:1
Running from C:\Documents and Settings\Petr\Plocha
Loaded Profile: Petr (Available profiles: Petr)
Boot Mode: Safe Mode (with Networking)

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...\Run: [e79d569ba77562f0d4316e586835f0a2] => C:\Documents and Settings\Petr\Local Settings\Temp\Chrome.exe [373760 2014-11-14] (TeamViewer) <===== ATTENTION
HKLM\...\Run: [MSStp] => C:\WINDOWS\inf\msstp.vbe [1584 2014-03-05] ()
HKLM\...\Run: [mncrmbervSrv] => C:\WINDOWS\system32\mncrmberv.vbe [7670 2014-03-05] ()
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
HKLM\...\Run: [Bonus.SSR.FR12] => C:\Program Files\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2014-05-11] (ABBYY Production LLC.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [kfdhslesvo] => C:\Documents and Settings\Petr\Local Settings\Temp\kfdhslesvo.vbs [204204 2014-11-17] () <===== ATTENTION
HKLM\...\Run: [atfajepvqg] => C:\Documents and Settings\Petr\Local Settings\Temp\atfajepvqg.vbs [204204 2014-11-17] () <===== ATTENTION
HKLM\...\Run: [KFDHSL~1] => C:\Documents and Settings\Petr\Local Settings\Temp\kfdhslesvo.vbs [204204 2014-11-17] () <===== ATTENTION
HKLM\...\Run: [ATFAJE~1] => C:\Documents and Settings\Petr\Local Settings\Temp\atfajepvqg.vbs [204204 2014-11-17] () <===== ATTENTION
HKLM\...\Run: [DIODII~1] => C:\Documents and Settings\Petr\Local Settings\Temp\diodiizpla.vbs [204204 2014-11-19] () <===== ATTENTION
HKLM\...\Run: [diodiizpla] => C:\Documents and Settings\Petr\Local Settings\Temp\diodiizpla.vbs [204204 2014-11-19] () <===== ATTENTION
HKU\S-1-5-19\...\Run: [KB976002-v5] => rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [e79d569ba77562f0d4316e586835f0a2] => C:\Documents and Settings\Petr\Local Settings\Temp\Chrome.exe [373760 2014-11-14] (TeamViewer) <===== ATTENTION
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [139264 2006-11-16] (Nero AG)
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [kfdhslesvo] => C:\Documents and Settings\Petr\Local Settings\Temp\kfdhslesvo.vbs [204204 2014-11-17] () <===== ATTENTION
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [atfajepvqg] => C:\Documents and Settings\Petr\Local Settings\Temp\atfajepvqg.vbs [204204 2014-11-17] () <===== ATTENTION
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [KFDHSL~1] => C:\Documents and Settings\Petr\Local Settings\Temp\kfdhslesvo.vbs [204204 2014-11-17] () <===== ATTENTION
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [ATFAJE~1] => C:\Documents and Settings\Petr\Local Settings\Temp\atfajepvqg.vbs [204204 2014-11-17] () <===== ATTENTION
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [DIODII~1] => C:\Documents and Settings\Petr\Local Settings\Temp\diodiizpla.vbs [204204 2014-11-19] () <===== ATTENTION
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [diodiizpla] => C:\Documents and Settings\Petr\Local Settings\Temp\diodiizpla.vbs [204204 2014-11-19] () <===== ATTENTION
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_223_Plugin.exe [855216 2014-11-17] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [KB976002-v5] => rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo
Startup: C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\atfajepvqg.vbs ()
Startup: C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\diodiizpla.vbs ()
Startup: C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\e79d569ba77562f0d4316e586835f0a2.exe ()
Startup: C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\kfdhslesvo.vbs ()

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S2 SkypeUpdate; C:\Program Files\Updater\Updater.exe [315008 2014-04-03] (Skype Technologies)

2014-11-17 15:36 - 2014-03-05 23:19 - 00007670 ____S () C:\WINDOWS\system32\mncrmberv.vbe
2014-11-17 15:36 - 2013-12-10 01:30 - 10236928 ____S () C:\WINDOWS\system32\acumncrmberv.exe
2014-11-17 15:36 - 2013-10-26 21:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\system32\libeay32.dll
2014-11-17 15:36 - 2013-10-26 21:30 - 00972814 ____S () C:\WINDOWS\system32\dcgmncrmberv.exe
2014-11-17 15:36 - 2013-10-26 21:30 - 00538126 ____S () C:\WINDOWS\system32\libcurl-4.dll
2014-11-17 15:36 - 2013-10-26 21:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\system32\ssleay32.dll
2014-11-17 15:36 - 2013-10-26 21:30 - 00192512 ____S () C:\WINDOWS\system32\libidn-11.dll
2014-11-17 15:36 - 2013-10-26 21:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\WINDOWS\system32\libssh2.dll
2014-11-17 15:36 - 2013-10-26 21:30 - 00133632 ____S () C:\WINDOWS\system32\librtmp.dll
2014-11-17 15:36 - 2013-10-26 21:30 - 00044727 ____S () C:\WINDOWS\system32\diablo130302.cl
2014-11-17 15:36 - 2013-10-26 21:30 - 00043810 ____S () C:\WINDOWS\system32\poclbm130302.cl
2014-11-17 15:36 - 2013-10-26 21:30 - 00030802 ____S () C:\WINDOWS\system32\diakgcn121016.cl
2014-11-17 15:36 - 2013-10-26 21:30 - 00023825 ____S () C:\WINDOWS\system32\scrypt130511.cl
2014-11-17 15:36 - 2013-10-26 21:30 - 00013062 ____S () C:\WINDOWS\system32\phatk121016.cl
2014-11-17 15:36 - 2013-07-18 17:06 - 00187904 ____S () C:\WINDOWS\system32\lcpmncrmberv.exe

C:\WINDOWS\inf\msstp.vbe
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\atfajepvqg.vbs
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\diodiizpla.vbs
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\e79d569ba77562f0d4316e586835f0a2.exe
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\kfdhslesvo.vbs


Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\e79d569ba77562f0d4316e586835f0a2 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSStp => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mncrmbervSrv => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CDAServer => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Bonus.SSR.FR12 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\kfdhslesvo => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\atfajepvqg => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KFDHSL~1 => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ATFAJE~1 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\DIODII~1 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\diodiizpla => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\KB976002-v5 => value deleted successfully.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\e79d569ba77562f0d4316e586835f0a2 => value deleted successfully.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => value deleted successfully.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\kfdhslesvo => Value not found.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\atfajepvqg => value deleted successfully.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\KFDHSL~1 => Value not found.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\ATFAJE~1 => value deleted successfully.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DIODII~1 => value deleted successfully.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\diodiizpla => value deleted successfully.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
HKU\S-1-5-21-1085031214-764733703-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => Value not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\KB976002-v5 => value deleted successfully.
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\atfajepvqg.vbs => Moved successfully.
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\diodiizpla.vbs => Moved successfully.
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\e79d569ba77562f0d4316e586835f0a2.exe => Moved successfully.
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\kfdhslesvo.vbs => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => Key deleted successfully.
"HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
"HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
NBService => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
C:\WINDOWS\system32\mncrmberv.vbe => Moved successfully.
C:\WINDOWS\system32\acumncrmberv.exe => Moved successfully.
C:\WINDOWS\system32\libeay32.dll => Moved successfully.
C:\WINDOWS\system32\dcgmncrmberv.exe => Moved successfully.
C:\WINDOWS\system32\libcurl-4.dll => Moved successfully.
C:\WINDOWS\system32\ssleay32.dll => Moved successfully.
C:\WINDOWS\system32\libidn-11.dll => Moved successfully.
C:\WINDOWS\system32\libssh2.dll => Moved successfully.
C:\WINDOWS\system32\librtmp.dll => Moved successfully.
C:\WINDOWS\system32\diablo130302.cl => Moved successfully.
C:\WINDOWS\system32\poclbm130302.cl => Moved successfully.
C:\WINDOWS\system32\diakgcn121016.cl => Moved successfully.
C:\WINDOWS\system32\scrypt130511.cl => Moved successfully.
C:\WINDOWS\system32\phatk121016.cl => Moved successfully.
C:\WINDOWS\system32\lcpmncrmberv.exe => Moved successfully.
C:\WINDOWS\inf\msstp.vbe => Moved successfully.
"C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\atfajepvqg.vbs" => File/Directory not found.
"C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\diodiizpla.vbs" => File/Directory not found.
"C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\e79d569ba77562f0d4316e586835f0a2.exe" => File/Directory not found.
"C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\kfdhslesvo.vbs" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 367.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[Márty84]

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.


Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

[NOSAK]

# AdwCleaner v4.103 - Report created 01/12/2014 at 16:16:12
# Updated 01/12/2014 by Xplode
# Database : 2014-12-01.2 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Petr - DOMA
# Running from : C:\Documents and Settings\Petr\Plocha\adwcleaner_4.103.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
Folder Deleted : C:\Program Files\Updater
Folder Deleted : C:\Documents and Settings\Petr\Data aplikací\DriverCure
Folder Deleted : C:\Documents and Settings\Petr\Data aplikací\ParetoLogic

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKLM\SOFTWARE\ParetoLogic

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v33.1.1 (x86 cs)


*************************

AdwCleaner[R0].txt - [1190 octets] - [01/12/2014 16:08:27]
AdwCleaner[R1].txt - [1250 octets] - [01/12/2014 16:12:56]
AdwCleaner[S0].txt - [1185 octets] - [01/12/2014 16:16:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1245 octets] ##########

[NOSAK]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.12.01.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Petr :: DOMA [administrátor]

Ochrana: Povolena

1.12.2014 16:34:20
MBAM-log-2014-12-01 (17-19-52).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 331953
Uplynulý čas: 43 minut, 17 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 28
C:\FRST\Quarantine\C\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\e79d569ba77562f0d4316e586835f0a2.exe.xBAD (Trojan.MSIL.Injector) -> Nebyla provedena žádná instrukce.
C:\FRST\Quarantine\C\WINDOWS\system32\acumncrmberv.exe.xBAD (PUP.Optional.Bitcoin) -> Nebyla provedena žádná instrukce.
C:\FRST\Quarantine\C\WINDOWS\system32\dcgmncrmberv.exe.xBAD (Trojan.BitMiner) -> Nebyla provedena žádná instrukce.
C:\FRST\Quarantine\C\WINDOWS\system32\lcpmncrmberv.exe.xBAD (PUP.BitCoinMiner) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP25\A0008990.exe (Trojan.MSIL.Injector) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP25\A0009990.exe (Trojan.MSIL.Injector) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP25\A0010990.exe (Trojan.MSIL.Injector) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0011990.exe (Trojan.MSIL.Injector) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0012990.exe (Trojan.MSIL.Injector) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0013079.Exe (Backdoor.DPVRat.Gen) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0013080.exe (PUP.Riskware.Patcher) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0014912.exe (Trojan.MSIL.Injector) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0014935.exe (Trojan.MSIL.Injector) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0014937.exe (PUP.Optional.Bitcoin) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0014939.exe (Trojan.BitMiner) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{E250244C-7A6C-4E24-B74E-AF01C9589FC5}\RP26\A0014950.exe (PUP.BitCoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msumymcf\msumymcf.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
D:\Z fleška Petr bílá\TVSetup.exe (PUP.Optional.Inbox) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\ntvdm.vbe (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.

(konec)

[Márty84]

Havet je v bodech obnovy a vraci se od tama.


Postupujte presne v tomto poradi.
1) MBAM nezavirejte, jen minimalizujte.
2) Vymazte/Vypnete vytvareni bodu obnovy http://forum.viry.cz/viewtopic.php?f=46&t=47040 , ale nerestartujte pc.
3) Ted nechte nalezy MBAM odstranit a restartujte pc.
4) Zopakujte test s MBAM a napiste jeho vysledek a podle toho zvolim dalsi postup.

Pokud bude cisto, zapnete zase funkci vytvareni bodu obnovy, at pak na to nezapomenem.

[NOSAK]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.12.01.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Petr :: DOMA [administrátor]

Ochrana: Zakázána

1.12.2014 20:22:15
mbam-log-2014-12-01 (20-22-15).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 329864
Uplynulý čas: 40 minut, 32 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Márty84]

MBAM muzete odinstalovat.

Dejte log z RSIT http://images.malwareremoval.com/random/RSIT.exe . Navod zde http://forum.viry.cz/viewtopic.php?f=30&t=130787

[NOSAK]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2014-12-01 21:26:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 56 GB (74%) free of 76 GB
Total RAM: 1023 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:26:23, on 1.12.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Petr\Plocha\RSIT.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 4323 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AutoKMS.job - C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\kpcngiae.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://seznam.cz/"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=Quicksearch_1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll


C:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\kpcngiae.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\kpcngiae.default\searchplugins\
firmycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-11-17 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"=C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [2013-03-06 520424]
"PtiuPbmd"=ptipbm.dll,SetWriteBack []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\WINDOWS\inf\ntvdm.vbe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2014-01-07 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2011-01-25 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2011-01-25 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe"="C:\WINDOWS\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe:*:Enabled:Samsung Scanner Discovery Module V3"
"C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe"="C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe:*:Enabled:Easy Printer Manager"
"C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe"="C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe:*:Enabled:EPM Order Supplies "
"C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe"="C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe:*:Enabled:EPM Alert "
"C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe"="C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe:*:Enabled:Samsung uninstaller "
"C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe"="C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe:*:Enabled:EPM CDA Scan2PC"
"C:\Program Files\Samsung\Easy Document Creator\EDC.exe"="C:\Program Files\Samsung\Easy Document Creator\EDC.exe:*:Enabled:Samsung Easy Document Creator"
"C:\Program Files\Phone\Skype.exe"="C:\Program Files\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-12-01 21:26:17 ----D---- C:\Program Files\trend micro
2014-12-01 21:26:16 ----D---- C:\rsit
2014-12-01 16:22:31 ----D---- C:\Documents and Settings\Petr\Data aplikací\Malwarebytes
2014-12-01 16:21:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-12-01 16:21:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-12-01 16:08:19 ----D---- C:\AdwCleaner
2014-11-30 20:57:35 ----SHD---- C:\RECYCLER
2014-11-30 20:54:25 ----D---- C:\WINDOWS\CSC
2014-11-30 20:38:36 ----D---- C:\WINDOWS\temp
2014-11-30 20:38:34 ----A---- C:\ComboFix.txt
2014-11-30 20:28:57 ----A---- C:\WINDOWS\zip.exe
2014-11-30 20:28:57 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-11-30 20:28:57 ----A---- C:\WINDOWS\SWSC.exe
2014-11-30 20:28:57 ----A---- C:\WINDOWS\SWREG.exe
2014-11-30 20:28:57 ----A---- C:\WINDOWS\sed.exe
2014-11-30 20:28:57 ----A---- C:\WINDOWS\PEV.exe
2014-11-30 20:28:57 ----A---- C:\WINDOWS\NIRCMD.exe
2014-11-30 20:28:57 ----A---- C:\WINDOWS\MBR.exe
2014-11-30 20:28:57 ----A---- C:\WINDOWS\grep.exe
2014-11-30 20:28:47 ----D---- C:\Qoobox
2014-11-30 20:26:31 ----A---- C:\WINDOWS\ntbtlog.txt
2014-11-30 20:05:14 ----D---- C:\WINDOWS\erdnt
2014-11-30 16:40:57 ----D---- C:\WINDOWS\Minidump
2014-11-30 10:20:55 ----D---- C:\FRST
2014-11-28 20:55:57 ----D---- C:\Documents and Settings\Petr\Data aplikací\VitySoft
2014-11-28 20:49:13 ----D---- C:\Documents and Settings\Petr\Data aplikací\BitTorrent
2014-11-24 16:34:16 ----D---- C:\Documents and Settings\Petr\Data aplikací\WinRAR
2014-11-23 09:17:59 ----A---- C:\Documents and Settings\Petr\Data aplikací\LogFile.txt
2014-11-22 10:07:27 ----A---- C:\WINDOWS\UC.PIF
2014-11-22 10:07:27 ----A---- C:\WINDOWS\RAR.PIF
2014-11-22 10:07:27 ----A---- C:\WINDOWS\PKZIP.PIF
2014-11-22 10:07:27 ----A---- C:\WINDOWS\PKUNZIP.PIF
2014-11-22 10:07:27 ----A---- C:\WINDOWS\LHA.PIF
2014-11-22 10:07:27 ----A---- C:\WINDOWS\ARJ.PIF
2014-11-21 16:46:14 ----D---- C:\Documents and Settings\Petr\Data aplikací\AIMP3
2014-11-20 13:45:48 ----A---- C:\WINDOWS\NeroDigital.ini
2014-11-18 19:56:20 ----D---- C:\Program Files\Common Files\DESIGNER
2014-11-18 19:36:11 ----D---- C:\WINDOWS\system32\MRT
2014-11-18 19:08:19 ----D---- C:\WINDOWS\pss
2014-11-17 23:58:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2014-11-17 23:57:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2922229$
2014-11-17 23:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2014-11-17 23:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2014-11-17 23:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2014-11-17 23:52:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2014-11-17 23:52:31 ----D---- C:\WINDOWS\system32\URTTemp
2014-11-17 23:52:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-11-17 23:52:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2934207$
2014-11-17 23:52:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2014-11-17 23:49:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-11-17 23:49:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2014-11-17 23:49:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-11-17 23:49:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2014-11-17 23:48:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2014-11-17 23:48:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2014-11-17 23:47:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2014-11-17 23:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2014-11-17 23:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2014-11-17 23:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2014-11-17 23:35:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2014-11-17 23:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2014-11-17 23:35:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2014-11-17 23:35:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2929961$
2014-11-17 23:35:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2014-11-17 23:34:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2014-11-17 23:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2014-11-17 23:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-11-17 23:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2014-11-17 23:21:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2014-11-17 23:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2014-11-17 23:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2014-11-17 23:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2930275$
2014-11-17 23:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2014-11-17 23:17:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2014-11-17 23:17:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2014-11-17 23:16:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2014-11-17 23:11:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2014-11-17 23:11:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2014-11-17 23:11:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2014-11-17 23:11:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2014-11-17 23:11:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2813347-v2$
2014-11-17 23:11:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2014-11-17 23:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2014-11-17 23:10:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2014-11-17 23:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$
2014-11-17 23:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2014-11-17 23:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2014-11-17 23:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2014-11-17 23:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2014-11-17 23:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2014-11-17 22:59:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2014-11-17 22:59:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2014-11-17 22:59:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2014-11-17 22:58:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2014-11-17 22:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2014-11-17 22:58:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2014-11-17 22:58:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-11-17 22:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2014-11-17 22:54:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-11-17 22:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2014-11-17 22:54:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2014-11-17 22:54:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2014-11-17 22:52:09 ----D---- C:\WINDOWS\ie8updates
2014-11-17 22:44:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2014-11-17 22:44:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2014-11-17 22:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2014-11-17 22:44:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2014-11-17 22:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2014-11-17 22:44:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$
2014-11-17 22:43:47 ----N---- C:\WINDOWS\system32\spmsg.dll
2014-11-17 22:43:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2014-11-17 22:43:46 ----HD---- C:\WINDOWS\$hf_mig$
2014-11-17 18:13:26 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-11-17 17:50:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2014-11-17 17:50:10 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-11-17 17:46:14 ----D---- C:\Documents and Settings\Petr\Data aplikací\Macromedia
2014-11-17 17:37:23 ----D---- C:\Documents and Settings\Petr\Data aplikací\Skype
2014-11-17 17:37:09 ----D---- C:\Program Files\Skype
2014-11-17 17:37:09 ----D---- C:\Program Files\Common Files\Skype
2014-11-17 17:37:08 ----D---- C:\Program Files\Phone
2014-11-17 17:36:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2014-11-17 17:28:30 ----D---- C:\Documents and Settings\Petr\Data aplikací\Zoner
2014-11-17 17:28:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Zoner
2014-11-17 17:28:01 ----D---- C:\Program Files\Zoner
2014-11-17 17:21:01 ----D---- C:\Program Files\AIMP3
2014-11-17 16:59:07 ----D---- C:\Documents and Settings\Petr\Data aplikací\Ahead
2014-11-17 16:57:35 ----D---- C:\Program Files\Nero
2014-11-17 16:57:35 ----D---- C:\Program Files\Common Files\Ahead
2014-11-17 16:57:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2014-11-17 16:49:39 ----D---- C:\Documents and Settings\Petr\Data aplikací\ArcSoft
2014-11-17 16:48:54 ----A---- C:\WINDOWS\system32\drivers\afc.sys
2014-11-17 16:48:47 ----A---- C:\WINDOWS\system32\gdiplus.dll
2014-11-17 16:47:19 ----D---- C:\Program Files\Common Files\ArcSoft
2014-11-17 16:47:16 ----A---- C:\WINDOWS\system32\unicows.dll
2014-11-17 16:47:16 ----A---- C:\WINDOWS\PCDLIB32.DLL
2014-11-17 16:47:15 ----D---- C:\Program Files\Hercules
2014-11-17 16:46:00 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2014-11-17 16:45:38 ----N---- C:\WINDOWS\system32\ov530usd.dll
2014-11-17 16:45:38 ----N---- C:\WINDOWS\system32\drivers\ov530vid.sys
2014-11-17 16:45:38 ----N---- C:\WINDOWS\system32\drivers\ov530cmd.sys
2014-11-17 16:45:38 ----N---- C:\WINDOWS\ov530dib.dll
2014-11-17 16:45:38 ----D---- C:\WINDOWS\OvtCam
2014-11-17 16:45:37 ----N---- C:\WINDOWS\system32\ov530ext.dll
2014-11-17 16:35:15 ----D---- C:\Program Files\ABBYY FineReader 12
2014-11-17 16:35:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\ABBYY
2014-11-17 16:34:49 ----D---- C:\Program Files\MSXML 6.0
2014-11-17 16:33:27 ----D---- C:\temp
2014-11-17 16:30:47 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2014-11-17 16:30:13 ----D---- C:\Program Files\Common Files\Samsung OCR Software
2014-11-17 16:29:44 ----D---- C:\Program Files\Common Files\Scan Process Machine
2014-11-17 16:29:04 ----D---- C:\Documents and Settings\Petr\Data aplikací\Samsung
2014-11-17 16:28:51 ----D---- C:\Program Files\Common Files\Common Desktop Agent
2014-11-17 16:28:25 ----RA---- C:\WINDOWS\Wiainst.exe
2014-11-17 16:28:24 ----A---- C:\WINDOWS\system32\SaXPWIA.dll
2014-11-17 16:28:24 ----A---- C:\WINDOWS\system32\SaXPUIEx.dll
2014-11-17 16:28:18 ----D---- C:\Program Files\SamsungPrinterLiveUpdateInstaller
2014-11-17 16:28:18 ----D---- C:\Program Files\SamsungPrinterLiveUpdate
2014-11-17 16:28:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2014-11-17 16:28:11 ----A---- C:\WINDOWS\system32\ssm4mlm.dll
2014-11-17 16:28:11 ----A---- C:\WINDOWS\system32\SBuySupplies.exe
2014-11-17 16:28:07 ----A---- C:\WINDOWS\system32\eed_sl.exe
2014-11-17 16:28:06 ----A---- C:\WINDOWS\system32\eed_ec.dll
2014-11-17 16:28:05 ----A---- C:\WINDOWS\system32\ssm4mci.exe
2014-11-17 16:28:05 ----A---- C:\WINDOWS\system32\ssm4mci.dll
2014-11-17 16:27:54 ----A---- C:\WINDOWS\system32\Ssusbpn.dll
2014-11-17 16:27:54 ----A---- C:\WINDOWS\system32\Ssdevm.dll
2014-11-17 16:27:53 ----A---- C:\WINDOWS\system32\SaWIAMUI.dll
2014-11-17 16:27:37 ----D---- C:\Program Files\Samsung
2014-11-17 16:27:15 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2014-11-17 16:24:44 ----A---- C:\WINDOWS\system32\ativvamv.dll
2014-11-17 16:24:44 ----A---- C:\WINDOWS\system32\atioglxx.dll
2014-11-17 16:24:44 ----A---- C:\WINDOWS\system32\atimpc32.dll
2014-11-17 16:24:44 ----A---- C:\WINDOWS\system32\atibtmon.exe
2014-11-17 16:24:44 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2014-11-17 16:24:44 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2014-11-17 16:24:44 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2014-11-17 16:24:43 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-11-17 16:24:35 ----D---- C:\Program Files\ATI
2014-11-17 16:16:05 ----A---- C:\WINDOWS\AutoKMS.ini
2014-11-17 15:38:21 ----N---- C:\WINDOWS\system32\xp_eos.exe
2014-11-17 15:36:28 ----D---- C:\WINDOWS\system32\bitstreams
2014-11-17 15:36:27 ----AS---- C:\WINDOWS\system32\zlib1.dll
2014-11-17 15:36:27 ----AS---- C:\WINDOWS\system32\pthreadVC2.dll
2014-11-17 15:36:27 ----AS---- C:\WINDOWS\system32\pthreadGC2.dll
2014-11-17 15:36:27 ----AS---- C:\WINDOWS\system32\cudart32_50_35.dll
2014-11-17 15:30:13 ----D---- C:\totalcmd
2014-11-17 15:30:13 ----D---- C:\Documents and Settings\Petr\Data aplikací\GHISLER
2014-11-17 15:26:12 ----D---- C:\Documents and Settings\Petr\Data aplikací\Mozilla
2014-11-17 15:26:05 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-11-17 15:26:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-11-17 15:26:00 ----D---- C:\Program Files\Mozilla Firefox
2014-11-17 15:25:16 ----N---- C:\WINDOWS\system32\iacenc.dll
2014-11-17 15:24:07 ----D---- C:\Documents and Settings\Petr\Data aplikací\Adobe
2014-11-17 15:18:06 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2014-11-17 15:06:08 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-11-17 15:05:36 ----D---- C:\Program Files\Microsoft Sync Framework
2014-11-17 15:05:36 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-11-17 15:02:15 ----D---- C:\Program Files\Microsoft Visual Studio 8
2014-11-17 15:01:12 ----D---- C:\WINDOWS\SHELLNEW
2014-11-17 15:01:12 ----D---- C:\Program Files\Microsoft Analysis Services
2014-11-17 15:01:03 ----D---- C:\Program Files\Microsoft Office
2014-11-17 15:01:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-11-17 15:00:57 ----A---- C:\WINDOWS\system32\h323log.txt
2014-11-17 15:00:46 ----RD---- C:\MSOCache
2014-11-17 14:58:50 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2014-11-17 14:58:50 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2014-11-17 14:58:50 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2014-11-17 14:58:49 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2014-11-17 14:58:49 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2014-11-17 14:58:48 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2014-11-17 14:58:48 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2014-11-17 14:58:47 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2014-11-17 14:58:47 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2014-11-17 14:58:47 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2014-11-17 14:58:46 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2014-11-17 14:58:45 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2014-11-17 14:58:26 ----A---- C:\WINDOWS\system32\drivers\usbaudio.sys
2014-11-17 14:58:25 ----A---- C:\WINDOWS\system32\ksuser.dll
2014-11-17 14:58:25 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2014-11-17 14:58:25 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2014-11-17 14:57:21 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2014-11-17 14:56:58 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys
2014-11-17 14:56:54 ----A---- C:\WINDOWS\system32\drivers\UAGP35.SYS
2014-11-17 14:56:49 ----A---- C:\WINDOWS\system32\usbui.dll
2014-11-17 14:55:52 ----SHD---- C:\WINDOWS\Installer
2014-11-17 14:55:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-17 14:55:51 ----D---- C:\Program Files\Common Files\ODBC
2014-11-17 14:55:51 ----A---- C:\WINDOWS\ODBCINST.INI
2014-11-17 14:55:47 ----RD---- C:\Program Files
2014-11-17 14:55:47 ----D---- C:\Program Files\Common Files\SpeechEngines
2014-11-17 14:55:47 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-11-17 14:55:47 ----D---- C:\Program Files\Common Files
2014-11-17 14:55:38 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2014-11-17 14:55:38 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2014-11-17 14:55:38 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2014-11-17 14:55:36 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2014-11-17 14:55:36 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2014-11-17 14:55:36 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbdur.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbdru.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2014-11-17 14:55:35 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2014-11-17 14:55:33 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2014-11-17 14:55:33 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2014-11-17 14:55:33 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2014-11-17 14:55:33 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2014-11-17 14:55:33 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2014-11-17 14:55:33 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2014-11-17 14:55:32 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2014-11-17 14:55:30 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2014-11-17 14:55:30 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2014-11-17 14:55:30 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2014-11-17 14:55:30 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2014-11-17 14:55:30 ----RA---- C:\WINDOWS\system32\kbdest.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdro.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2014-11-17 14:55:23 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2014-11-17 14:55:20 ----A---- C:\WINDOWS\system32\irclass.dll
2014-11-17 14:55:19 ----A---- C:\WINDOWS\system32\spxcoins.dll
2014-11-17 14:55:19 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2014-11-17 14:55:19 ----A---- C:\WINDOWS\system32\dgsetup.dll
2014-11-17 14:55:19 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2014-11-17 14:55:16 ----A---- C:\WINDOWS\TASKMAN.EXE
2014-11-17 14:55:15 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2014-11-17 14:55:15 ----A---- C:\WINDOWS\system32\batt.dll
2014-11-17 14:55:14 ----A---- C:\WINDOWS\system32\storprop.dll
2014-11-17 14:55:14 ----A---- C:\WINDOWS\NOTEPAD.EXE
2014-11-17 14:55:09 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2014-11-17 14:54:44 ----D---- C:\WINDOWS\system32\CatRoot2
2014-11-17 14:54:44 ----D---- C:\WINDOWS\system32\CatRoot
2014-11-17 14:54:39 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2014-11-17 14:54:21 ----A---- C:\WINDOWS\setuplog.txt
2014-11-17 14:54:18 ----D---- C:\Documents and Settings
2014-11-17 14:54:17 ----SHD---- C:\System Volume Information
2014-11-17 14:54:17 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-17 14:53:17 ----SH---- C:\boot.ini
2014-11-17 14:50:09 ----D---- C:\WINDOWS\RegisteredPackages
2014-11-17 14:49:56 ----A---- C:\WINDOWS\system32\psisdecd.dll
2014-11-17 14:49:56 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2014-11-17 14:49:56 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2014-11-17 14:49:56 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2014-11-17 14:49:56 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2014-11-17 14:49:56 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2014-11-17 14:49:56 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2014-11-17 14:49:56 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2014-11-17 14:49:55 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2014-11-17 14:49:55 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2014-11-17 14:49:55 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2014-11-17 14:49:51 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2014-11-17 14:49:36 ----D---- C:\WINDOWS\OemDir
2014-11-17 14:49:31 ----SD---- C:\WINDOWS\Offline Web Pages
2014-11-17 14:49:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-11-17 14:49:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-11-17 14:49:31 ----RSD---- C:\WINDOWS\Fonts
2014-11-17 14:49:31 ----RD---- C:\WINDOWS\Web
2014-11-17 14:49:31 ----HD---- C:\WINDOWS\inf
2014-11-17 14:49:31 ----D---- C:\WINDOWS\WinSxS
2014-11-17 14:49:31 ----D---- C:\WINDOWS\WBEM
2014-11-17 14:49:31 ----D---- C:\WINDOWS\twain_32
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\wins
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\wbem
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\usmt
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\spool
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\ShellExt
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\Setup
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\ras
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\oobe
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\npp
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\mui
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\inetsrv
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\IME
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\icsxml
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\ias
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\export
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\drivers\etc
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\drivers\disdn
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\drivers
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\dhcp
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\cs-cz
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\cs
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\config
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\3com_dmi
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\3076
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\2052
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1054
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1042
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1041
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1037
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1033
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1031
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1029
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1028
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32\1025
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system32
2014-11-17 14:49:31 ----D---- C:\WINDOWS\system
2014-11-17 14:49:31 ----D---- C:\WINDOWS\security
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Resources
2014-11-17 14:49:31 ----D---- C:\WINDOWS\repair
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Provisioning
2014-11-17 14:49:31 ----D---- C:\WINDOWS\pchealth
2014-11-17 14:49:31 ----D---- C:\WINDOWS\PeerNet
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Network Diagnostic
2014-11-17 14:49:31 ----D---- C:\WINDOWS\mui
2014-11-17 14:49:31 ----D---- C:\WINDOWS\msapps
2014-11-17 14:49:31 ----D---- C:\WINDOWS\msagent
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Media
2014-11-17 14:49:31 ----D---- C:\WINDOWS\L2Schemas
2014-11-17 14:49:31 ----D---- C:\WINDOWS\java
2014-11-17 14:49:31 ----D---- C:\WINDOWS\ime
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Help
2014-11-17 14:49:31 ----D---- C:\WINDOWS\ehome
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Driver Cache
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Debug
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Cursors
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Connection Wizard
2014-11-17 14:49:31 ----D---- C:\WINDOWS\Config
2014-11-17 14:49:31 ----D---- C:\WINDOWS\AppPatch
2014-11-17 14:49:31 ----D---- C:\WINDOWS\addins
2014-11-17 14:49:31 ----D---- C:\WINDOWS
2014-11-17 14:49:31 ----ASH---- C:\pagefile.sys
2014-11-17 14:48:53 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2014-11-17 14:48:51 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2014-11-17 14:48:48 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2014-11-17 14:48:47 ----A---- C:\WINDOWS\system32\ativva6x.dat
2014-11-17 14:48:45 ----A---- C:\WINDOWS\system32\ativva5x.dat
2014-11-17 14:48:43 ----RA---- C:\WINDOWS\system32\ativvaxx.dat
2014-11-17 14:48:43 ----A---- C:\WINDOWS\system32\atiicdxx.dat
2014-11-17 14:48:12 ----D---- C:\Program Files\ATI Technologies
2014-11-17 14:48:09 ----HD---- C:\Program Files\InstallShield Installation Information
2014-11-17 14:47:17 ----D---- C:\Program Files\Common Files\InstallShield
2014-11-17 14:43:04 ----A---- C:\WINDOWS\CMISETUP.INI
2014-11-17 14:43:04 ----A---- C:\WINDOWS\CMCDPLAY.INI
2014-11-17 14:43:03 ----A---- C:\WINDOWS\Wininit.ini
2014-11-17 14:43:03 ----A---- C:\WINDOWS\system32\udaprop.dll
2014-11-17 14:43:03 ----A---- C:\WINDOWS\system32\drivers\cmuda.sys
2014-11-17 14:43:03 ----A---- C:\WINDOWS\system32\cmuda.dll
2014-11-17 14:43:02 ----A---- C:\WINDOWS\system32\cmiwcnfg.dll
2014-11-17 14:43:02 ----A---- C:\WINDOWS\system32\cmirmdrv.exe
2014-11-17 14:43:02 ----A---- C:\WINDOWS\system32\cmirmdrv.dll
2014-11-17 14:43:01 ----A---- C:\WINDOWS\system32\Audio3D.dll
2014-11-17 14:43:01 ----A---- C:\WINDOWS\system32\a3d.dll
2014-11-17 14:42:56 ----D---- C:\Program Files\C-Media 3D Audio
2014-11-17 14:42:56 ----A---- C:\WINDOWS\CMIUninstall.exe
2014-11-17 14:42:56 ----A---- C:\WINDOWS\CmiRmRedundDir.exe
2014-11-17 14:42:56 ----A---- C:\WINDOWS\CMIRmDriver.dll
2014-11-17 14:42:31 ----RA---- C:\WINDOWS\system32\ptipbm.dll
2014-11-17 14:42:31 ----RA---- C:\WINDOWS\system32\drivers\ulsata.sys
2014-11-17 14:42:21 ----RA---- C:\WINDOWS\system32\drivers\b57xp32.sys
2014-11-17 14:39:39 ----D---- C:\Program Files\VIA Technologies, Inc
2014-11-17 14:39:39 ----A---- C:\WINDOWS\system32\vusetup.dll
2014-11-17 14:39:39 ----A---- C:\WINDOWS\system32\drivers\vulfntr.sys
2014-11-17 14:39:39 ----A---- C:\WINDOWS\system32\drivers\vulfnth.sys
2014-11-17 14:36:26 ----A---- C:\WINDOWS\system32\drivers\VIAAGP1.SYS
2014-11-17 14:36:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-11-17 14:35:56 ----A---- C:\WINDOWS\IsUninst.exe
2014-11-17 14:33:11 ----D---- C:\Documents and Settings\Petr\Data aplikací\Windows Desktop Search
2014-11-17 14:32:38 ----A---- C:\WINDOWS\system32\wmpns.dll
2014-11-17 14:32:37 ----D---- C:\Documents and Settings\Petr\Data aplikací\Identities
2014-11-17 14:32:35 ----HD---- C:\Program Files\Uninstall Information
2014-11-17 14:32:24 ----SD---- C:\Documents and Settings\Petr\Data aplikací\Microsoft
2014-11-17 14:32:24 ----ASH---- C:\Documents and Settings\Petr\Data aplikací\desktop.ini
2014-11-17 14:31:39 ----D---- C:\WINDOWS\Prefetch
2014-11-17 14:31:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-11-17 14:29:50 ----AS---- C:\WINDOWS\bootstat.dat
2014-11-17 14:27:33 ----D---- C:\WINDOWS\system32\xircom
2014-11-17 14:27:33 ----D---- C:\Program Files\xerox
2014-11-17 14:27:33 ----D---- C:\Program Files\microsoft frontpage
2014-11-17 14:26:53 ----SD---- C:\WINDOWS\system32\Microsoft
2014-11-17 14:26:50 ----A---- C:\WINDOWS\system32\javaws.exe
2014-11-17 14:26:50 ----A---- C:\WINDOWS\system32\javaw.exe
2014-11-17 14:26:50 ----A---- C:\WINDOWS\system32\java.exe
2014-11-17 14:26:50 ----A---- C:\WINDOWS\system32\deployJava1.dll
2014-11-17 14:26:41 ----D---- C:\Program Files\Java
2014-11-17 14:26:24 ----RASH---- C:\MSDOS.SYS
2014-11-17 14:26:24 ----RASH---- C:\IO.SYS
2014-11-17 14:26:24 ----AH---- C:\CONFIG.SYS
2014-11-17 14:26:24 ----AH---- C:\AUTOEXEC.BAT
2014-11-17 14:26:24 ----A---- C:\WINDOWS\control.ini
2014-11-17 14:25:46 ----A---- C:\WINDOWS\OEWABLog.txt
2014-11-17 14:25:44 ----A---- C:\WINDOWS\system32\mapi32.dll
2014-11-17 14:24:25 ----HD---- C:\Program Files\WindowsUpdate
2014-11-17 14:24:22 ----D---- C:\Program Files\Online Services
2014-11-17 14:24:04 ----D---- C:\Program Files\Windows Media Connect 2
2014-11-17 14:23:47 ----D---- C:\WINDOWS\system32\DirectX
2014-11-17 14:23:37 ----A---- C:\WINDOWS\system32\atrace.dll
2014-11-17 14:23:33 ----A---- C:\WINDOWS\system32\desktop.ini
2014-11-17 14:23:33 ----A---- C:\WINDOWS\desktop.ini
2014-11-17 14:23:24 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2014-11-17 14:23:23 ----A---- C:\WINDOWS\system32\acctres.dll
2014-11-17 14:23:22 ----D---- C:\Program Files\Common Files\Services
2014-11-17 14:23:18 ----SD---- C:\WINDOWS\Tasks
2014-11-17 14:23:18 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2014-11-17 14:23:17 ----D---- C:\Program Files\Common Files\MSSoap
2014-11-17 14:23:10 ----D---- C:\WINDOWS\srchasst
2014-11-17 14:23:06 ----D---- C:\WINDOWS\system32\Macromed
2014-11-17 14:23:02 ----A---- C:\WINDOWS\system32\wuweb.dll
2014-11-17 14:23:02 ----A---- C:\WINDOWS\system32\wucltui.dll
2014-11-17 14:23:02 ----A---- C:\WINDOWS\system32\wuauserv.dll
2014-11-17 14:23:02 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2014-11-17 14:23:01 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-17 14:23:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-17 14:23:01 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2014-11-17 14:23:01 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-17 14:23:01 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-17 14:23:01 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2014-11-17 14:23:01 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2014-11-17 14:23:01 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2014-11-17 14:23:00 ----D---- C:\WINDOWS\system32\bits
2014-11-17 14:23:00 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2014-11-17 14:23:00 ----A---- C:\WINDOWS\system32\qmgr.dll
2014-11-17 14:22:56 ----D---- C:\Program Files\Movie Maker
2014-11-17 14:22:33 ----A---- C:\WINDOWS\system32\safrslv.dll
2014-11-17 14:22:33 ----A---- C:\WINDOWS\system32\safrdm.dll
2014-11-17 14:22:33 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2014-11-17 14:22:33 ----A---- C:\WINDOWS\system32\racpldlg.dll
2014-11-17 14:22:28 ----D---- C:\WINDOWS\system32\Restore
2014-11-17 14:22:28 ----A---- C:\WINDOWS\system32\srrstr.dll
2014-11-17 14:22:28 ----A---- C:\WINDOWS\system32\fltMc.exe
2014-11-17 14:22:28 ----A---- C:\WINDOWS\system32\fltlib.dll
2014-11-17 14:22:28 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-11-17 14:22:27 ----A---- C:\WINDOWS\system32\srsvc.dll
2014-11-17 14:22:27 ----A---- C:\WINDOWS\system32\srclient.dll
2014-11-17 14:22:27 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2014-11-17 14:22:26 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2014-11-17 14:22:26 ----A---- C:\WINDOWS\system32\msconf.dll
2014-11-17 14:22:26 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2014-11-17 14:22:26 ----A---- C:\WINDOWS\system32\mnmdd.dll
2014-11-17 14:22:26 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2014-11-17 14:22:26 ----A---- C:\WINDOWS\system32\ils.dll
2014-11-17 14:22:22 ----D---- C:\Program Files\NetMeeting
2014-11-17 14:22:21 ----A---- C:\WINDOWS\system32\msoert2.dll
2014-11-17 14:22:21 ----A---- C:\WINDOWS\system32\msoeacct.dll
2014-11-17 14:22:20 ----A---- C:\WINDOWS\system32\inetres.dll
2014-11-17 14:22:20 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-11-17 14:22:18 ----D---- C:\Program Files\Outlook Express
2014-11-17 14:22:18 ----A---- C:\WINDOWS\system32\schedsvc.dll
2014-11-17 14:22:18 ----A---- C:\WINDOWS\system32\mstinit.exe
2014-11-17 14:22:17 ----A---- C:\WINDOWS\system32\mstask.dll
2014-11-17 14:22:17 ----A---- C:\WINDOWS\system32\icwphbk.dll
2014-11-17 14:22:17 ----A---- C:\WINDOWS\system32\icwdial.dll
2014-11-17 14:22:16 ----A---- C:\WINDOWS\system32\isign32.dll
2014-11-17 14:22:16 ----A---- C:\WINDOWS\system32\inetcfg.dll
2014-11-17 14:22:09 ----D---- C:\Program Files\Common Files\System
2014-11-17 14:13:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2014-11-17 14:06:07 ----RSD---- C:\WINDOWS\assembly
2014-11-17 14:05:41 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2014-11-17 14:05:39 ----D---- C:\Program Files\ComPlus Applications
2014-11-17 14:05:39 ----A---- C:\WINDOWS\vbaddin.ini
2014-11-17 14:05:39 ----A---- C:\WINDOWS\vb.ini
2014-11-17 14:05:37 ----D---- C:\WINDOWS\Registration
2014-11-17 14:05:33 ----D---- C:\Program Files\Windows Media Player
2014-11-17 14:05:12 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2014-11-17 14:05:06 ----D---- C:\Program Files\Microsoft.NET
2014-11-17 14:05:06 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2014-11-17 14:04:49 ----D---- C:\WINDOWS\system32\XPSViewer
2014-11-17 14:04:48 ----D---- C:\Program Files\MSBuild
2014-11-17 14:04:48 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-11-17 14:04:46 ----A---- C:\WINDOWS\system32\rgb9rast_2.dll
2014-11-17 14:04:45 ----D---- C:\WINDOWS\system32\en-US
2014-11-17 14:04:45 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-11-17 14:04:45 ----A---- C:\WINDOWS\system32\PresentationHostProxy.dll
2014-11-17 14:04:45 ----A---- C:\WINDOWS\system32\PresentationHost.exe
2014-11-17 14:04:43 ----A---- C:\WINDOWS\system32\infocardapi.dll
2014-11-17 14:04:42 ----D---- C:\Program Files\Reference Assemblies
2014-11-17 14:04:42 ----A---- C:\WINDOWS\system32\icardres.dll
2014-11-17 14:04:42 ----A---- C:\WINDOWS\system32\icardagt.exe
2014-11-17 14:04:42 ----A---- C:\WINDOWS\system32\evr.dll
2014-11-17 14:04:41 ----A---- C:\WINDOWS\system32\dxva2.dll
2014-11-17 14:04:32 ----A---- C:\WINDOWS\system32\msvcr80.dll
2014-11-17 14:04:32 ----A---- C:\WINDOWS\system32\msvcp80.dll
2014-11-17 14:04:32 ----A---- C:\WINDOWS\system32\msvcm80.dll
2014-11-17 14:04:28 ----A---- C:\WINDOWS\system32\dfshim.dll
2014-11-17 14:04:15 ----A---- C:\WINDOWS\system32\netfxperf.dll
2014-11-17 14:04:13 ----D---- C:\Program Files\Internet Explorer
2014-11-17 14:04:13 ----A---- C:\WINDOWS\system32\mscories.dll
2014-11-17 14:04:13 ----A---- C:\WINDOWS\system32\mscorier.dll
2014-11-17 14:04:13 ----A---- C:\WINDOWS\system32\mscoree.dll
2014-11-17 14:04:05 ----A---- C:\WINDOWS\system32\xpsshhdr.dll
2014-11-17 14:04:05 ----A---- C:\WINDOWS\system32\prntvpt.dll
2014-11-17 14:04:04 ----A---- C:\WINDOWS\system32\xpssvcs.dll
2014-11-17 14:03:58 ----D---- C:\WINDOWS\system32\DRM
2014-11-17 14:03:58 ----D---- C:\WINDOWS\BitLockerDiscoveryVolumeContents
2014-11-17 14:03:58 ----A---- C:\WINDOWS\system32\SecProc_ssp_isv.dll
2014-11-17 14:03:58 ----A---- C:\WINDOWS\system32\SecProc_ssp.dll
2014-11-17 14:03:57 ----A---- C:\WINDOWS\system32\RmActivate_ssp_isv.exe
2014-11-17 14:03:57 ----A---- C:\WINDOWS\system32\RmActivate_ssp.exe
2014-11-17 14:03:57 ----A---- C:\WINDOWS\system32\RmActivate_isv.exe
2014-11-17 14:03:56 ----A---- C:\WINDOWS\system32\SecProc_isv.dll
2014-11-17 14:03:56 ----A---- C:\WINDOWS\system32\SecProc.dll
2014-11-17 14:03:56 ----A---- C:\WINDOWS\system32\RmActivate.exe
2014-11-17 14:03:56 ----A---- C:\WINDOWS\system32\msdrm.dll
2014-11-17 14:03:55 ----A---- C:\WINDOWS\system32\winUsbCoinstaller.dll
2014-11-17 14:03:55 ----A---- C:\WINDOWS\system32\WgaTray.exe
2014-11-17 14:03:55 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2014-11-17 14:03:54 ----A---- C:\WINDOWS\system32\WdfCoInstaller01007.dll
2014-11-17 14:03:53 ----A---- C:\WINDOWS\system32\WUDFUpdate_01007.dll
2014-11-17 14:03:53 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2014-11-17 14:03:53 ----A---- C:\WINDOWS\system32\imapi2.dll
2014-11-17 14:03:52 ----A---- C:\WINDOWS\system32\UncRes.dll
2014-11-17 14:03:52 ----A---- C:\WINDOWS\system32\UncPH.dll
2014-11-17 14:03:52 ----A---- C:\WINDOWS\system32\UncNE.dll
2014-11-17 14:03:52 ----A---- C:\WINDOWS\system32\UncDMS.dll
2014-11-17 14:03:52 ----A---- C:\WINDOWS\system32\UncCplExt.dll
2014-11-17 14:03:52 ----A---- C:\WINDOWS\system32\oephRes.dll
2014-11-17 14:03:52 ----A---- C:\WINDOWS\system32\oeph.dll
2014-11-17 14:03:46 ----D---- C:\Program Files\Windows Desktop Search
2014-11-17 14:03:44 ----A---- C:\WINDOWS\system32\xmlfilter.dll
2014-11-17 14:03:44 ----A---- C:\WINDOWS\system32\srchadmin.dll
2014-11-17 14:03:44 ----A---- C:\WINDOWS\system32\rtffilt.dll
2014-11-17 14:03:44 ----A---- C:\WINDOWS\system32\propsys.dll
2014-11-17 14:03:43 ----A---- C:\WINDOWS\system32\msshsq.dll
2014-11-17 14:03:43 ----A---- C:\WINDOWS\system32\msshooks.dll
2014-11-17 14:03:43 ----A---- C:\WINDOWS\system32\msscb.dll
2014-11-17 14:03:43 ----A---- C:\WINDOWS\system32\idxcntrs.ini
2014-11-17 14:03:43 ----A---- C:\WINDOWS\system32\gthrctr.ini
2014-11-17 14:03:43 ----A---- C:\WINDOWS\system32\gsrvctr.ini
2014-11-17 14:03:42 ----A---- C:\WINDOWS\system32\tquery.dll
2014-11-17 14:03:42 ----A---- C:\WINDOWS\system32\propdefs.dll
2014-11-17 14:03:42 ----A---- C:\WINDOWS\system32\msstrc.dll
2014-11-17 14:03:41 ----A---- C:\WINDOWS\system32\searchprotocolhost.exe
2014-11-17 14:03:41 ----A---- C:\WINDOWS\system32\searchindexer.exe
2014-11-17 14:03:41 ----A---- C:\WINDOWS\system32\searchfilterhost.exe
2014-11-17 14:03:41 ----A---- C:\WINDOWS\system32\mssrch.dll
2014-11-17 14:03:41 ----A---- C:\WINDOWS\system32\mssprxy.dll
2014-11-17 14:03:41 ----A---- C:\WINDOWS\system32\mssphtb.dll
2014-11-17 14:03:41 ----A---- C:\WINDOWS\system32\mssph.dll
2014-11-17 14:03:41 ----A---- C:\WINDOWS\system32\mssitlb.dll
2014-11-17 14:03:40 ----A---- C:\WINDOWS\system32\msxml4r.dll
2014-11-17 14:03:40 ----A---- C:\WINDOWS\system32\msscntrs.dll
2014-11-17 14:03:39 ----D---- C:\Program Files\MSXML 4.0
2014-11-17 14:03:35 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-17 14:03:33 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2014-11-17 14:03:33 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2014-11-17 14:03:33 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2014-11-17 14:03:33 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2014-11-17 14:03:33 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2014-11-17 14:03:33 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2014-11-17 14:03:33 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2014-11-17 14:03:33 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2014-11-17 14:03:32 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2014-11-17 14:03:32 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2014-11-17 14:03:32 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2014-11-17 14:03:32 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2014-11-17 14:03:32 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2014-11-17 14:03:32 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2014-11-17 14:03:32 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2014-11-17 14:03:32 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2014-11-17 14:03:31 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2014-11-17 14:03:30 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2014-11-17 14:03:29 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2014-11-17 14:03:29 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2014-11-17 14:03:28 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2014-11-17 14:03:27 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2014-11-17 14:03:26 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2014-11-17 14:03:26 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2014-11-17 14:03:25 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2014-11-17 14:03:24 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2014-11-17 14:03:24 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2014-11-17 14:03:23 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2014-11-17 14:03:22 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2014-11-17 14:03:22 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2014-11-17 14:03:21 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2014-11-17 14:03:21 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2014-11-17 14:03:20 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2014-11-17 14:03:20 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2014-11-17 14:03:19 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2014-11-17 14:03:19 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2014-11-17 14:03:18 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2014-11-17 14:03:18 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2014-11-17 14:03:18 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2014-11-17 14:03:18 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2014-11-17 14:03:17 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2014-11-17 14:03:17 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2014-11-17 14:03:17 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2014-11-17 14:03:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2014-11-17 14:03:17 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2014-11-17 14:03:17 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2014-11-17 14:03:17 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2014-11-17 14:03:16 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2014-11-17 14:03:16 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2014-11-17 14:03:16 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2014-11-17 14:03:16 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2014-11-17 14:03:16 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2014-11-17 14:03:12 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2014-11-17 14:03:12 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2014-11-17 14:03:11 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2014-11-17 14:03:10 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2014-11-17 14:03:10 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2014-11-17 14:03:09 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2014-11-17 14:03:08 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2014-11-17 14:03:08 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2014-11-17 14:03:07 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2014-11-17 14:03:07 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2014-11-17 14:03:06 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2014-11-17 14:03:06 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2014-11-17 14:02:48 ----D---- C:\Program Files\Microsoft Silverlight
2014-11-17 14:02:47 ----D---- C:\WINDOWS\SoftwareDistribution
2014-11-17 14:02:47 ----A---- C:\WINDOWS\system32\muweb.dll
2014-11-17 14:02:47 ----A---- C:\WINDOWS\system32\mucltui.dll
2014-11-17 14:02:47 ----A---- C:\WINDOWS\system32\MicrosoftUpdateCatalogWebControl.dll
2014-11-17 14:02:47 ----A---- C:\WINDOWS\system32\browserchoice.exe
2014-11-17 14:02:46 ----D---- C:\WINDOWS\system32\PreInstall
2014-11-17 14:02:46 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2014-11-17 14:02:43 ----A---- C:\WINDOWS\system32\pwrshplugin.dll
2014-11-17 14:02:33 ----D---- C:\WINDOWS\system32\winrm
2014-11-17 14:02:33 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2014-11-17 14:02:32 ----D---- C:\WINDOWS\system32\GroupPolicy
2014-11-17 14:02:32 ----A---- C:\WINDOWS\system32\wsmprovhost.exe
2014-11-17 14:02:32 ----A---- C:\WINDOWS\system32\wsmplpxy.dll
2014-11-17 14:02:32 ----A---- C:\WINDOWS\system32\wsmanhttpconfig.exe
2014-11-17 14:02:32 ----A---- C:\WINDOWS\system32\winrssrv.dll
2014-11-17 14:02:32 ----A---- C:\WINDOWS\system32\winrmprov.dll
2014-11-17 14:02:32 ----A---- C:\WINDOWS\system32\wevtfwd.dll
2014-11-17 14:02:31 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2014-11-17 14:02:31 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-11-17 14:02:31 ----A---- C:\WINDOWS\system32\WsmRes.dll
2014-11-17 14:02:31 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2014-11-17 14:02:31 ----A---- C:\WINDOWS\system32\winrsmgr.dll
2014-11-17 14:02:31 ----A---- C:\WINDOWS\system32\winrshost.exe
2014-11-17 14:02:31 ----A---- C:\WINDOWS\system32\winrscmd.dll
2014-11-17 14:02:31 ----A---- C:\WINDOWS\system32\winrs.exe
2014-11-17 14:02:30 ----A---- C:\WINDOWS\system32\winrm.vbs
2014-11-17 14:02:30 ----A---- C:\WINDOWS\system32\winrm.cmd
2014-11-17 14:02:29 ----D---- C:\Program Files\Messenger
2014-11-17 14:02:24 ----D---- C:\Program Files\MSN Gaming Zone
2014-11-17 14:02:24 ----A---- C:\WINDOWS\system32\write.exe
2014-11-17 14:02:12 ----A---- C:\WINDOWS\system32\sndvol32.exe
2014-11-17 14:02:12 ----A---- C:\WINDOWS\system32\hticons.dll
2014-11-17 14:02:12 ----A---- C:\WINDOWS\system32\avwav.dll
2014-11-17 14:02:12 ----A---- C:\WINDOWS\system32\avtapi.dll
2014-11-17 14:02:12 ----A---- C:\WINDOWS\system32\avmeter.dll
2014-11-17 14:02:11 ----A---- C:\WINDOWS\system32\winchat.exe
2014-11-17 14:02:02 ----A---- C:\WINDOWS\system32\charmap.exe
2014-11-17 14:02:02 ----A---- C:\WINDOWS\system32\getuname.dll
2014-11-17 14:02:02 ----A---- C:\WINDOWS\system32\calc.exe
2014-11-17 14:02:01 ----A---- C:\WINDOWS\system32\winmine.exe
2014-11-17 14:02:01 ----A---- C:\WINDOWS\system32\sol.exe
2014-11-17 14:02:01 ----A---- C:\WINDOWS\system32\mshearts.exe
2014-11-17 14:02:00 ----A---- C:\WINDOWS\system32\rdpinit.exe
2014-11-17 14:02:00 ----A---- C:\WINDOWS\system32\freecell.exe
2014-11-17 14:01:59 ----A---- C:\WINDOWS\system32\wksprtps.dll
2014-11-17 14:01:59 ----A---- C:\WINDOWS\system32\wksprt.exe
2014-11-17 14:01:59 ----A---- C:\WINDOWS\system32\winlogonnotification.dll
2014-11-17 14:01:59 ----A---- C:\WINDOWS\system32\tswbprxy.exe
2014-11-17 14:01:59 ----A---- C:\WINDOWS\system32\tspubwmi.dll
2014-11-17 14:01:59 ----A---- C:\WINDOWS\system32\rdpshell.exe
2014-11-17 14:01:59 ----A---- C:\WINDOWS\system32\MsRdpWebAccess.dll
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\tslabels.ini
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\tskill.exe
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\tscon.exe
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\shadow.exe
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\rwinsta.exe
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\reset.exe
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\regini.exe
2014-11-17 14:01:58 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2014-11-17 14:01:57 ----A---- C:\WINDOWS\system32\qwinsta.exe
2014-11-17 14:01:57 ----A---- C:\WINDOWS\system32\qappsrv.exe
2014-11-17 14:01:57 ----A---- C:\WINDOWS\system32\msg.exe
2014-11-17 14:01:57 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2014-11-17 14:01:57 ----A---- C:\WINDOWS\system32\logoff.exe
2014-11-17 14:01:57 ----A---- C:\WINDOWS\system32\cdmodem.dll
2014-11-17 14:01:49 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2014-11-17 14:01:48 ----A---- C:\WINDOWS\system32\sndrec32.exe
2014-11-17 14:01:48 ----A---- C:\WINDOWS\system32\mplay32.exe
2014-11-17 14:01:48 ----A---- C:\WINDOWS\system32\accwiz.exe
2014-11-17 14:01:47 ----D---- C:\Program Files\Windows NT
2014-11-17 14:01:47 ----A---- C:\WINDOWS\system32\mspaint.exe
2014-11-17 14:01:47 ----A---- C:\WINDOWS\system32\hypertrm.dll
2014-11-17 14:01:46 ----A---- C:\WINDOWS\system32\spider.exe
2014-11-17 14:01:46 ----A---- C:\WINDOWS\system32\clipbrd.exe
2014-11-17 14:01:45 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-11-17 14:01:45 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2014-11-17 14:01:45 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2014-11-17 14:01:45 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2014-11-17 14:01:45 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2014-11-17 14:01:44 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2014-11-17 14:01:44 ----A---- C:\WINDOWS\system32\aaclient.dll
2014-11-17 14:01:43 ----A---- C:\WINDOWS\system32\sessmgr.exe
2014-11-17 14:01:43 ----A---- C:\WINDOWS\system32\remotepg.dll
2014-11-17 14:01:43 ----A---- C:\WINDOWS\system32\rdshost.exe
2014-11-17 14:01:43 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2014-11-17 14:01:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-11-17 14:01:43 ----A---- C:\WINDOWS\system32\mstsc.exe
2014-11-17 14:01:42 ----A---- C:\WINDOWS\system32\termsrv.dll
2014-11-17 14:01:42 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2014-11-17 14:01:42 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2014-11-17 14:01:42 ----A---- C:\WINDOWS\system32\rdpclip.exe
2014-11-17 14:01:42 ----A---- C:\WINDOWS\system32\rdchost.dll
2014-11-17 14:01:42 ----A---- C:\WINDOWS\system32\qprocess.exe
2014-11-17 14:01:42 ----A---- C:\WINDOWS\system32\icaapi.dll
2014-11-17 14:01:41 ----D---- C:\WINDOWS\system32\MsDtc
2014-11-17 14:01:41 ----A---- C:\WINDOWS\system32\mtxoci.dll
2014-11-17 14:01:41 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2014-11-17 14:01:41 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2014-11-17 14:01:41 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2014-11-17 14:01:40 ----A---- C:\WINDOWS\system32\xolehlp.dll
2014-11-17 14:01:40 ----A---- C:\WINDOWS\system32\msdtctm.dll
2014-11-17 14:01:40 ----A---- C:\WINDOWS\system32\msdtclog.dll
2014-11-17 14:01:40 ----A---- C:\WINDOWS\system32\msdtc.exe
2014-11-17 14:01:39 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2014-11-17 14:01:39 ----A---- C:\WINDOWS\system32\mtxex.dll
2014-11-17 14:01:39 ----A---- C:\WINDOWS\system32\mtxdm.dll
2014-11-17 14:01:39 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2014-11-17 14:01:38 ----D---- C:\WINDOWS\system32\Com
2014-11-17 14:01:38 ----A---- C:\WINDOWS\system32\stclient.dll
2014-11-17 14:01:38 ----A---- C:\WINDOWS\system32\comrepl.dll
2014-11-17 14:01:38 ----A---- C:\WINDOWS\system32\comaddin.dll
2014-11-17 14:01:38 ----A---- C:\WINDOWS\system32\colbact.dll
2014-11-17 14:01:38 ----A---- C:\WINDOWS\system32\clbcatex.dll
2014-11-17 14:01:38 ----A---- C:\WINDOWS\system32\catsrvps.dll
2014-11-17 14:01:37 ----A---- C:\WINDOWS\system32\catsrvut.dll
2014-11-17 14:01:37 ----A---- C:\WINDOWS\system32\catsrv.dll
2014-11-17 14:01:36 ----A---- C:\WINDOWS\system32\comuid.dll
2014-11-17 14:01:36 ----A---- C:\WINDOWS\system32\comsvcs.dll
2014-11-17 14:01:36 ----A---- C:\WINDOWS\system32\comsnap.dll
2014-11-17 14:01:36 ----A---- C:\WINDOWS\system32\clbcatq.dll
2014-11-17 14:01:28 ----A---- C:\WINDOWS\system32\servdeps.dll
2014-11-17 14:01:28 ----A---- C:\WINDOWS\system32\mmfutil.dll
2014-11-17 14:01:28 ----A---- C:\WINDOWS\system32\licwmi.dll
2014-11-17 14:01:28 ----A---- C:\WINDOWS\system32\cmprops.dll
2014-11-17 14:01:23 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2014-11-17 14:01:23 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2014-11-06 09:44:28 ----AH---- C:\Program Files\desktop.ini

======List of files/folders modified in the last 1 month======

2014-11-30 20:36:55 ----A---- C:\WINDOWS\system.ini
2014-11-21 06:57:52 ----A---- C:\WINDOWS\win.ini
2014-11-17 14:25:30 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2011-01-25 61824]
R0 UlSata;UlSata; C:\WINDOWS\system32\DRIVERS\ulsata.sys [2003-01-26 64256]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-12-27 26880]
R0 viasraid;viasraid; C:\WINDOWS\system32\drivers\viasraid.sys [2003-06-12 75904]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2011-01-25 41600]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2011-01-25 62848]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2011-01-25 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2014-01-07 7875072]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-21 175360]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-05-01 743367]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2011-01-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2011-01-25 61824]
R3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]
S0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2011-01-25 9472]
S3 catchme;catchme; \??\C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 NTACCESS;NTACCESS; \??\G:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\G:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2011-01-25 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2011-01-25 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2011-01-25 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2014-01-07 643072]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2011-01-25 439808]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-09-14 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-14 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2011-01-25 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2011-01-25 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2011-01-25 14848]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Márty84]

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[ClearAllRestorePoints]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\inf\ntvdm.vbe
C:\Documents and Settings\All Users\Data aplikací\McAfee
C:\WINDOWS\inf\msumymcf\msumymcf.exe
C:\WINDOWS\inf\ntvdm.vbe
C:\WINDOWS\inf\ntvdm.inf
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)


Za ty cracknute office vas rozhodne nepochvalim!

Nainstalujte nejaky antivir, treba Avast free.

[NOSAK]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temporary Internet Files folder emptied: 33170 bytes

User: Petr
->Temp folder emptied: 2529085 bytes
->Temporary Internet Files folder emptied: 849862 bytes
->FireFox cache emptied: 367937072 bytes
->Flash cache emptied: 3578 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 65 bytes

Total Files Cleaned = 354,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Petr
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\inf\ntvdm.vbe not found.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee folder moved successfully.
File/Folder C:\WINDOWS\inf\msumymcf\msumymcf.exe not found.
File/Folder C:\WINDOWS\inf\ntvdm.vbe not found.
File/Folder C:\WINDOWS\inf\ntvdm.inf not found.
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 12022014_224914

Files moved on Reboot...

Registry entries deleted on Reboot...

[Márty84]

Zkontrolujte velikost adresare plochy. Nemela by prekracovat 200 - 300 MB


Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[NOSAK]

Dobré odpoledne,
tak jsem projel PC dle Vašeho posledního návodu:
obsazená velikost PLOCHy - cca 15 MB
COMBOFIX odinstalován - OK
OTC - po avizovaném restartu PC se sam uz nerozbehl, musel jsem resetovat
CCLEANER - po stažení verze 5.0 došlo po instalaci a spuštění k pádu PC na modrou obrazovku, to samé i v nouzovém režimu, pmohlo až stažení verze 3, ta OK
u defragmentace to samé, stažení z webu od auslogicu proběhla defragmentace OK

[Márty84]

S temito problemy jsem se zatim nesetkal. Mozna ty nove verze tech programu uz proste na XP nefungujou, jelikoz uz system neni podporovan (podobne jako treba MBAM, kdy nova verze take na XP nefunguje).

No a co pocitac? Je nejaky problem? Vyskakuje jeste neco?

[NOSAK]

Takže PC start rychleší, vypínání i restart o mnoho rychlejší, celkově v pohodě
ale po restaru i vypnutí a zapnutí vypadne nejdříve hláška " Windows script host - c:documenst and settings/petr" a druhá "dcgmncmbfeu.exe - součást nelze najít blabla" originál v příloze